Creating the Next Generation of Cyber-Security Experts

Concern about cyber-security is at the forefront of the minds of many company executives. The impact of cyber-crime, identity theft and the ever present threat of hackers intruding on their systems keeps many CEOs awake at night, well aware of the reputational and financial threat that this represents to their business.

Carnegie Mellon University is aiming to build a talent pipeline into the cyber-security workforce by introducing computer security skills to middle and high school students through picoCTF, a free, online hacking contest that starts on March 31, 2017. Now in its third year, the virtual game of capture the flag (CTF) has previously drawn nearly 30,000 people.

“Right now, we’re facing a tremendous shortfall in computer security experts,” says David Brumley, project lead for picoCTF and the director of CyLab and a professor of electrical and computer engineering, Carnegie Mellon’s Security and Privacy Institute. “The root of the problem is that most people don’t even know that computer security is a field they can go into. Building awareness is a major goal of picoCTF.”

This year, players will be competing for over $30,000 in prizes, thanks to this year’s corporate sponsors. Registration is open to anyone, but only U.S. students in grades 6-12 are eligible to compete for prizes. Registration will remain open until the end of the competition, and there is no penalty for registering after the competition’s official start date, March 31.

For the two weeks of competition participants will learn to reverse engineer, break, hack, decrypt and do anything necessary to solve a series of challenges that are centered around a unique storyline. Challenges will start out easy and become increasingly difficult.

“To get started, you just need critical thinking skills,” Brumley says. “We lead you throughout the game to develop more and more sophisticated notions of computer security so that by the end, you’re solving real crypto problems and performing at a high level.”

Tim Becker, an undergraduate student studying computer security at Carnegie Mellon, played picoCTF in 2013 as a high school student and uncovered a talent he never knew he had.

“I competed with some friends for fun, but none of us expected to do that well,” Becker says. “But we ended up finishing in 3rd place, and that’s how I ended up getting into this field.”

Fast forward four years, and Becker is now a captain on Carnegie Mellon’s student hacking team, the Plaid Parliament of Pwning (PPP). The team has won DefCon’s Capture the Flag competition – informally known as the “Super Bowl of Hacking” – three times in the past four years.

Carlos Casanova is an internationally known speaker, IT architect, leadership advisor and the co-author of “The CMDB Imperative”. He has over two decades of hands on experience guiding CIOs and Sr. Leadership to achieve effective IT operations and improve ROI from infrastructure investments. His expansive experience enables him to quickly assess their true needs and achieve better business outcomes. He takes the complexity out of today's cluttered IT and business environments to simplify their goals in order to accelerate achievement and success.